RegLookup

The RegLookup project is devoted to direct analysis of Windows NT-based registry files. RegLookup is released under the GNU GPL, and is implemented in ANSI C. RegLookup provides command line tools, a C API, and a Python module for accessing registry data structures. The project has a focus on providing tools for digital forensic examiners (though is useful for many purposes), and includes algorithms for retrieving deleted data structures from registry hives. Browse the project's goals to read up on the objectives of future releases.

You may download the latest release, or grab the latest code out of our Subversion repository. Prior to installation, you may want to check out RegLookup's dependencies.
Also, we have some links posted to some other, similar projects. Finally, the latest updates on the project status can be found on our news page.

Check out the credits for a list of contributors to the project. If you are interested in contributing, please check out the project goals page first, and then download the newest version from Subversion. You may also be interested in the API references for regfi and pyregfi. (Sorry, svn commit access isn't available at this time. Please post any patches you have to the mailing list, and I'll review/commit them manually.)